System and method for generating a dynamic machine readable code

ABSTRACT

Aspects of the present disclosure involve systems, methods, devices, and the like for generating dynamic machine readable codes. In one embodiment, a system is introduced that enables the analysis of user information for the generation of the dynamic machine readable code. In response to the analysis, using middleware on a multi-tier system, user information is embedded onto the dynamic machine readable code. The embedded user information can be captured during the transaction enabling the presentation of customized content which can be used to provide a user friendly interface for the transacting while detecting incorrect account usage. In another embodiment, in conjunction with the dynamic machine readable code, additional user and/or device features are captured during the processing of a transaction such that the combination facilitate fraudulent activity detection.

CROSS REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No.16/601,496, filed on Oct. 14, 2019, and issued as U.S. Pat. No.11,010,649 on May 18, 2021 which is a continuation of U.S. patentapplication Ser. No. 15/971,586, filed on May 4, 2018, and issued asU.S. Pat. No. 10,445,630 on Oct. 15, 2019, which applications areincorporated by reference in their entirety.

TECHNICAL FIELD

The present disclosure generally relates to machine readable codes, andmore specifically, to dynamic machine readable codes.

BACKGROUND

Rapid advancements in technology and communications have led to theubiquitous use of wireless electronics. As such, today's society hasgrown to become heavily device reliant. This reliance has led to the useof electronics to make monetary transactions for goods and services. Forexample, a smartphone may now be used to complete a purchase transactionat a merchant location. In some instances, machine readable codes may beused to complete such transaction. Unfortunately, the use of electronicdevices and in particular machine readable codes may often leave a usersusceptible to fraudulent activity. Therefore, it would be beneficial tocreate a system and method that generates machine readable codes thatcan be used to protect a user from such activity.

BRIEF DESCRIPTION OF THE FIGURES

FIGS. 1A-1C illustrates block diagrams of a first user interaction withone or more devices for performing a transaction.

FIG. 2 is a block diagram of a system for performing a transaction usinga dynamic machine readable code.

FIG. 3 illustrates a communication with a user device for generating adynamic machine readable code.

FIG. 4 illustrates a communication with a user device for using adynamic machine readable code for fraudulent activity detection.

FIG. 5 illustrates another communication with a user device for using adynamic machine readable code for fraudulent activity detection.

FIG. 6 illustrates a flow diagram of a system for generating a dynamicmachine readable code.

FIG. 7 illustrates an example block diagram of a computer systemsuitable for implementing one or more devices of the communicationsystems of FIGS. 1-5.

Embodiments of the present disclosure and their advantages are bestunderstood by referring to the detailed description that follows. Itshould be appreciated that like reference numerals are used to identifylike elements illustrated in one or more of the figures, whereasshowings therein are for purposes of illustrating embodiments of thepresent disclosure and not for purposes of limiting the same.

DETAILED DESCRIPTION

In the following description, specific details are set forth describingsome embodiments consistent with the present disclosure. It will beapparent, however, to one skilled in the art that some embodiments maybe practiced without some or all of these specific details. The specificembodiments disclosed herein are meant to be illustrative but notlimiting. One skilled in the art may realize other elements that,although not specifically described here, are within the scope and thespirit of this disclosure. In addition, to avoid unnecessary repetition,one or more features shown and described in association with oneembodiment may be incorporated into other embodiments unlessspecifically described otherwise or if the one or more features wouldmake an embodiment non-functional.

Aspects of the present disclosure involve systems, methods, devices, andthe like for generating dynamic machine readable codes. In oneembodiment, a system is introduced that enables the analysis of userinformation for the generation of the dynamic machine readable code. Inresponse to the analysis, using middleware on a multi-tier system, userinformation is embedded onto the dynamic machine readable code. Theembedded user information can be captured during the transactionenabling the presentation of customized content which can be used toprovide a user friendly interface for the transacting while detectingincorrect account usage. In another embodiment, in conjunction with thedynamic machine readable code, additional user and/or device featuresare captured during the processing of a transaction such that thecombination facilitate fraudulent activity detection.

Rapid advances in communications have made portable electronic devices,such as smartphones and tablets, part of everyday life. Among otherthings, these electronic devices can be used to browse the web andstream video, and purchase goods and services. In some instances, one ormore electronic devices can be used to make the purchase and inparticular a machine readable code generated by the electronic devicecan be used to make the purchase. However, the use of the electronicdevice for making the purchase can leave the user susceptible tofraudulent activity.

Conventionally, a user may perform a transaction with a smart electronicdevice via the use of the machine readable code at an establishment. Theuse of such machine readable code however, may be vulnerable tofraudulent activity via an account take over, a stolen electronicdevice, a replication of the machine readable code, etc. Such fraudulentactivity can lead to the loss of funds, loss of time, and can lead to aninconvenience to the user trying to resolve the issue.

Such vulnerabilities that derive from the use of a machine readable codecan occur at various instances and locations. To illustrate this, FIGS.1A-1C, include block diagrams of a user performing a transaction usingan exemplary machine readable code. For example, in FIG. 1A, a user 108is interacting with a personal device 102 for performing one or moretransactions. The personal device 102 may be a tablet, laptop, pc, orthe like. For exemplary purposes, personal device 102 can be a laptop.Generally, personal device 102 can be used for numerous tasks includingbut not limited to web browsing, video streaming, bill pay, and purchaseof goods and services. As illustrated, the user 108 of personal device102 will perform the transaction with the use of a machine readable code110. However, the personal device 102 such as a laptop with its use ofthe machine readable code may still be vulnerable to fraudulent actionsby another user.

FIG. 1B illustrates user 108 interacting with a user device 104 forperforming one or more transactions. The user device 104 may be atablet, iPad, cell phone or the like. For exemplary purposes, userdevice 104 can be a smart phone. The smart phone may be equipped withvarious applications for performing similar tasks as indicated withpersonal device 102. For example, the user device 104 may be used forweb browsing, video streaming, bill payments, and online purchases.Additionally, the user device 104 be equipped with applications thatenable the user to make purchases using a payment provider applicationand/or a digital wallet. Further, the user device 104 is capable ofmaking phone calls and communicating with one or more othercommunications devices using a cellular network, Wi-Fi, Bluetooth, BLE,NFC, WLAN, etc. The communication can enable the transmission ofinformation from a user account to a secondary source. For example, theuser device 104 can be used to make a purchase for a good or serviceusing an application or digital wallet. Here again, the user istransacting using the user device 104 with a digital wallet and/ormachine readable code 110. The user 108 although now more mobile and isnot exempt from fraudulent activity.

FIG. 1C illustrates a user 108 interacting with a printout 106 forperforming a transaction. As an example, the printout 106 includes amachine readable code 110 for use in the transaction. Here, although theprintout 106 is portable and accessible for purchases, the printout isstill vulnerable as it may be replicated, lost, or stolen. Therefore, inorder to mitigate the susceptibilities of the user to fraudulentactivities and loss of funds, a system and method is introduced thatalleviates such disadvantages.

In one embodiment, the a system and method is introduced to generate adynamic machine readable code 110 equipped to dynamically customize thecheckout experience based on user preferences which can aid in theidentification of fraudulent activity. For example, during thecompletion of a transaction, the machine readable code may be read andautomatically generate a user experience tailored for the user. Asanother example, during the completion of the transaction, thetransacting device (e.g., personal device 102, user device 104, POS,etc.) may read the customized machine readable code 110 in conjunctionwith user device 104 properties for user authentication. Still asanother example, sensors on the user device 104 in conjunction with thecustomized machine readable code 110 are used to secure useridentification and usage.

To enable such usage, FIG. 2 is introduced which illustrates a blockdiagram of a networked system 200 for implementing the processesdescribed herein, according to an embodiment. In particular, FIG. 2illustrates a block diagram of a system 200 for authenticating a user,transacting with a user, or detecting fraudulent activity by a user withan accessible machine readable code. System 200 illustrates at leastsome of the interactions between multiple entities and/or devices forthe authentication, use and purchase of a product or service with amerchant, or other entity in association with a service provider. Asshown, system 200 may include or implement a plurality of devices,computers, servers, and/or software components that operate to performvarious methodologies in accordance with the described embodiments. Itwill be appreciated that the devices, computers, and/or serversillustrated in FIG. 2 may be deployed differently and that theoperations performed and/or the services provided by such devices,computers, and/or servers may be combined or separated for a givenembodiment and may be performed by a greater number or fewer number ofdevices, computers, and/or servers. Furthermore, one or more of thedevices, computers, and/or servers may be operated and/or maintained bythe same or different entities.

System 200 includes a merchant or other entity device 202, a primaryuser device 224 (e.g., user device 104), a third-party service providercomputer 212, and a secondary user device 236 (e.g., communicationdevice 102) in communication over a network 250. The merchant device202, primary user device 224, third-party service provider computer 212,and the secondary user device 236 may each include one or moreprocessors, memories, and other appropriate components for executingcomputer-executable instructions such as program code and/or data. Thecomputer-executable instructions may be stored on one or more computerreadable mediums or computer readable devices to implement the variousapplications, data, and steps described herein. For example, suchinstructions may be stored in one or more computer readable media suchas memories or data storage devices internal and/or external to variouscomponents of system 200, and/or accessible over network 250.

The merchant device 202 may be implemented as a communication devicethat may utilize appropriate hardware and software configured for wiredand/or wireless communication with the primary user device 224,third-party service provider computer 212, and/or secondary user device236. For example, the merchant device 202 may be implemented as apersonal computer (PC), a smart phone, laptop/tablet computer,point-of-sale device, wristwatch with appropriate computer hardwareresources, eyeglasses with appropriate computer hardware, other type ofwearable computing device, implantable communication devices, and/orother types of computing devices capable of transmitting and/orreceiving data. The merchant device 202 may correspond to and beutilized by a user, such as an employee of a merchant and/or anotherperson authorized by the merchant.

The merchant device 202 may include one or more payment applications204, other applications 206, a database 208, and a network interfacecomponent 210. The payment applications 204 and other applications 206may correspond to executable processes, procedures, and/or applicationswith associated hardware. In other embodiments, merchant device 202 mayinclude additional or different components having specialized hardwareand/or software to perform operations associated with the paymentapplications 204 and/or the other applications 206.

The payment application 204 may facilitate financial transactionscorresponding to the sale of goods and/or services offered by themerchant. For example, the payment application 204 may provide aninterface for customers to purchase the goods or services and to receivecustomer payment information (e.g., customer credit card information).The payment application 204 may further transmit customer paymentinformation to a payment processor (e.g., such as a payment processorcorresponding to the third-party service provider computer 212 or thesecondary user device 236) to process the customer payment information.The payment application 204 may also facilitate other types of financialtransactions such as banking, online payments, money transfer, and/orthe like.

The merchant device 202 may execute the other applications 206 toperform various other tasks and/or operations corresponding to themerchant device 202. For example, the other applications 206 may includesecurity applications for implementing client-side security features,programmatic client applications for interfacing with appropriateapplication programming interfaces (APIs) over network 250, or othertypes of applications. The other applications 206 may also includeadditional communication applications, such as email, texting, voice,and instant messaging (IM) applications that enable a user 106 to sendand receive emails, calls, texts, and other notifications through thenetwork 250. In various embodiments, the other applications 206 mayinclude location detection applications, such as a mapping, compass,and/or global positioning system (GPS) applications, which may be usedto determine a location of the merchant device 202. The otherapplications may 206 include social networking applications.Additionally, the other applications 206 may include device interfacesand other display modules that may receive input and/or outputinformation including machine readable codes. For example, the otherapplications 206 may include a graphical user interface (GUI) configuredto provide an interface to the user.

The merchant device 202 may further include a database 208, which may bestored in a memory and/or other storage device of the merchant device202. The database 208 may include, for example, identifiers (IDs) suchas operating system registry entries, cookies associated with thepayment application 204, tokens, encryption keys, and/or otherapplications 206, IDs associated with hardware of the network interfacecomponent 210, IDs used for payment/user/device authentication oridentification, and/or other appropriate IDs. The database 208 may alsoinclude information corresponding to one or purchase transactions ofcustomers who have purchased goods or services from the merchant,browsing histories of the customers, or other types of customerinformation. In certain embodiments, the merchant device 202 may alsoinclude information corresponding to payment tokens, such as paymenttokens, signs, codes, etc. generated by the third-party service providercomputer 212 and/or generated by the secondary user device 236.

The merchant device 202 may also include at least one network interfacecomponent 210 configured to communicate with various other devices suchas the primary user device 224, the third-party service providercomputer 212, and/or the secondary user device 236. In variousembodiments, network interface component 210 may include a DigitalSubscriber Line (DSL) modem, a Public Switched Telephone Network (PTSN)modem, an Ethernet device, a broadband device, a satellite device and/orvarious other types of wired and/or wireless network communicationdevices including microwave, radio frequency, infrared, Bluetooth®,Bluetooth low-energy, near field communication (NFC) devices, and/or thelike.

The third-party service provider computer 212 may be maintained, forexample, by a third-party service provider, which may provide paymentprocessing services for the merchant. In one example, the third-partyservice provider may be provided by PAYPAL®, Inc. of San Jose, Calif.,USA. Alternatively, the third-party service provider computer 212 may beassociated with a user of the primary and secondary device 224, 236. Assuch, the third-party service provider computer 212 includes one or morepayment processing applications 214, which may be configured to processpayment information received from the merchant device 202 or from aselection at the primary or secondary user device 224, 236. For example,the payment application 204 of the merchant device 202 may receivepayment information from a customer to purchase a service or goodoffered by the merchant. Upon receipt of the payment information, thepayment application 204 may transmit the payment information to thethird-party service provider computer 212. The payment processingapplication 214 of the third-party service provider computer 212 mayreceive and process the payment information. As another example, thepayment application 204 can present a payment code on a display of theuser device associated with the merchant. The payment code can bescanned or transmitted to the merchant device 202 for paymentprocessing.

The third-party service provider computer 212 may execute the otherapplications 216 to perform various other tasks and/or operationscorresponding to the third-party service provider computer 212. Forexample, the other applications 216 may include security applicationsfor implementing client-side security features, programmatic clientapplications for interfacing with appropriate APIs over the network 250,or other types of applications. The other applications 216 may alsoinclude additional communication applications, such as email, texting,voice, and IM applications that enable communication of emails, calls,texts, and other notifications through the network 250. In variousembodiments, the other applications 216 may include location detectionapplications, such as a mapping, compass, and/or GPS applications, whichmay be used to determine a location of the third-party service providercomputer 212. Additionally, the other applications 216 may includedevice interfaces and other display modules that may receive inputand/or output information. For example, the other applications 216 mayinclude a GUI configured to provide an interface to one or more users.

The third-party service provider computer 212 may further include adatabase 218, which may be stored in a memory and/or other storagedevice of the third-party service provider computer 212. The database218 may include, for example, IDs such as operating system registryentries, cookies associated with the payment processing application 214and/or other the applications 216, IDs associated with hardware of thenetwork interface component 222, IDs used for payment/user/deviceauthentication or identification, and/or other appropriate IDs.

According to a particular embodiment, the third-party service providercomputer 212 may include a set of payment profiles 220 corresponding topast sales transactions executed by the merchant device 202 with respectto one or more customers of the merchant. Alternatively, the third-partyservice provider computer 212 may include a set of merchant paymentprofiles corresponding to the payment sources associated to acorresponding merchant. For example, a particular payment profile fromthe set of payment profiles 220 may include payment informationcorresponding to a particular customer of the merchant and/or a merchantassociated with a user. The payment information may include credit cardinformation (e.g., card number, expiration date, security code, cardissuer, and/or the like), Automated Clearing House (ACH) information(e.g., account number, routing number, and/or the like), identificationinformation associated with the particular customer/user (e.g., acustomer identifier, name, address, phone number, date of birth, and/orthe like), billing information, and/or any other type of paymentinformation associated with the particular customer. Furthermore, otherpayment profiles of the set of payment profiles 220 may include paymentinformation corresponding to other customers of the merchant and/orother merchants associated with the user. In addition, the third-partyservice provider computer 212 may store the set of payment profiles 220according to a first file format.

The third-party service provider computer 212 may also store a set ofpayment tokens corresponding to the set of payment profiles 220. Forexample, each payment profile of the set of payment profiles 220 may beassociated with a corresponding payment token from the set of paymenttokens. In some embodiments, each payment profile may include acorresponding payment token from the set of payment tokens. The set ofpayment tokens may be particular to the third-party service providercomputer 212 (e.g., computers from other service providers may be unableto use the set of payment tokens) and may enable the merchant device 202to more securely process payment transactions with the third-partyservice provider computer 212. For example, in order to process apayment transaction that involves a credit card number associated with aparticular payment profile, the third-party service provider computer212 may provide the merchant device 202 with a particular payment tokenthat is different from the credit card number. The merchant device 202may use the particular payment token to process the payment transactioninstead of the credit card number. Further, the merchant device maystore and associate the particular payment token with the particularpayment profile instead of the credit card number, thereby protectingthe credit card number from being stolen in a potential security breachof the merchant device 202.

In various embodiments, the third-party service provider computer 212also includes at least one network interface component 222 that isconfigured to communicate with the merchant device 202, the primary userdevice 224, and/or the secondary user device 236 via the network 250.Further, the network interface component 222 may comprise a DSL modem, aPSTN modem, an Ethernet device, a broadband device, a satellite deviceand/or various other types of wired and/or wireless networkcommunication devices including microwave, RF, and IR communicationdevices.

The primary user device 224 may be implemented as a communication devicethat may utilize appropriate hardware and software configured for wiredand/or wireless communication with the merchant device 202, third-partyservice provider computer 212, and/or the secondary user device 236. Theprimary user device 224, may be a personal computer (PC), a smart phone,laptop/tablet computer, wristwatch with appropriate computer hardwareresources, eyeglasses with appropriate computer hardware (e.g. GOOGLEGLASS®), other type of wearable computing device, implantablecommunication devices, and/or other types of computing devices capableof transmitting and/or receiving data. In one embodiment, the primaryuser device 224 may be mobile device 102 communicating with seconddevice 104, a merchant device and/or service provider 212.

The primary user device 224 may include a payment processing application226 that may be used as a digital wallet that can communicate with amerchant device 202, secondary user device 236, and/or third partyservice provider 212 for purchasing and transacting. The paymentprocessing application 226, can work jointly with database 230 forretrieving bank account information, user accounts, security codes,tokens that may be associated with various merchant locations.Similarly, the payment processing application, can also provide accessto the user profiles for determining which payment method, processingcode, to use at a merchant location. The primary user device 224 mayinclude an enclave 232 which can be a secure hardware level storage aredesignated for the payment processing application 226. The enclave 232can enable the storage of private and public keys and a randomlygenerated token that enables the secure communication and validation ofthe user of the payment processing application with the third partyservice provider 212.

In one embodiment, the primary device (user device 104) uses the privatekey and secure token encryption for communicating with the paymentprocessing application 226. In another embodiment, user device usesgenerates and uses a dynamic machine readable code for processing thepayment on the payment processing application. The dynamic machinereadable code included user information which may be embedded into thecode in response to a request to process a transaction using at leastthe dynamic machine readable code. The dynamic machine readable code maythen be captured by a secondary user device 236, merchant device 202 orother device for processing the transaction. In some embodiments,further to the capture of the dynamic machine readable code, additionalinformation may be captured and used in the processing. For example, insome instances, device type, image resolution, screen lock, etc., may becaptured. In other instances, additional device information may becaptured including information captured by sensors located within theuser device. For example, location, movement, light, audio, video,images, orientation, may be recorded by sensors on the user device andused in conjunction with and/or embedded on the dynamic machine readablecode.

The primary user device 224 may also include other applications 228 toperform various other tasks and/or operations corresponding to theprimary user device 224. For example, the other applications 228 mayfacilitate communication with the merchant device 202, such as toreceive an indication, from the merchant device 202, to switch paymentprocessing services from the third-party service provider to the serviceprovider. As another example, the other applications 228 may includesecurity applications, application that enable designation of a primaryinteractive device, and applications that allow for web site access(including access to merchant websites). The other applications 228 mayalso include additional communication applications, such as email,texting, voice, and IM applications that enable communication of emails,calls, texts, and other notifications through the network 250. Invarious embodiments, the other applications 228 may include locationdetection applications, such as a mapping, compass, and/or GPSapplications, which may be used to determine a location of the userdevice 224. The other applications may 228 social networkingapplications. Additionally, the other applications 228 may includedevice interfaces and other display modules that may receive inputand/or output information. For example, the other applications 228 mayinclude a GUI configured to provide an interface to one or more users.

The primary user device 224 may further include a database 230, whichmay be stored in a memory and/or other storage device of the primaryuser device 224. The database 230 may include, for example, identifiers(IDs) such as operating system registry entries, cookies associated witha web browser and/or the other applications 228, IDs associated withhardware of the network interface component 234, IDs used forpayment/user/device authentication or identification, bank information,merchant information, user accounts, and/or other appropriate IDs. Inaddition, the database 230 may include user identifier information whichcan be used in conjunction with secondary user device 236 during anexplicit code exchange and/or contextual information for web browserauthentication.

Primary user device 224, can also be equipped with various sensors 234to provide sensed characteristics about the primary user device 224 andits environment. For example, the sensors 234 can include a camera fortaking images of the surroundings used to determine the information toprovide a user (e.g., camera take image of Macy's so a Macy's QR code ispresented on the primary interactive device). As another example, thesensors 234 can include microphones for receiving audio signals whichcan be used to detect location, and other relevant terms that may bespoken. Further, the sensors 234 can include an accelerometer, a lightsensor, a biometric sensor, temperature sensor, etc. For example, thebiometric sensor can be used to collect a user fingerprint scan. Eachtype of sensor providing various characteristics about the device, user,or environment.

The primary user device 224 may also include at least one networkinterface component 110 configured to communicate with various otherdevices such as the merchant device 202, the third-party serviceprovider computer 212, and/or the secondary user device 236. In variousembodiments, network interface component 234 may include a DigitalSubscriber Line (DSL) modem, a Public Switched Telephone Network (PTSN)modem, an Ethernet device, a broadband device, a satellite device and/orvarious other types of wired and/or wireless network communicationdevices including microwave, radio frequency, infrared, Bluetooth®,Bluetooth low-energy, near field communication (NFC) devices, and/or thelike.

As indicated above, a secondary user device 236 (e.g., user device 104)may be presently available and used by a consumer (e.g., user 108). Thesecondary user device 236, much like the primary user device may beequipped with payment processing applications 238 as well as otherapplications 240. The payment processing applications 238 and otherapplications 240 may be used to perform various tasks and/or operationscorresponding to the secondary user device 236. The other applications228 may include additional communication applications, such as email,texting, voice, and IM applications that enable communication of emails,calls, texts, and other notifications through the network 250. Inaddition, the other applications 228 may include location detectionapplications, such as a mapping, compass, and/or GPS applications, whichmay be used to determine a location of the secondary user device 236.The other applications may further include 228 social networkingapplications and device interfaces and other display modules that mayreceive input and/or output information.

For example, the applications 238, 240 may facilitate communication withthe merchant device 202, such as by presenting a QR code that may beused for making a purchase. As another example, the applications 238,240 may provide notice of an incoming call or text to the user 106 ofthe secondary user device 236. Still as another example, theapplications 238,240 can provide details and/or login information forauthentication by the primary user device 224.

The secondary user device 236 may also include a network interfacecomponent 242 for connecting and interacting with at least primary userdevice 224, merchant user device 202, and/or third-party serviceprovider computer 212 over network 250. The network interface component242 may comprise a DSL modem, a PSTN modem, an Ethernet device, abroadband device, a satellite device and/or various other types of wiredand/or wireless network communication devices including microwave, RF,and IR communication devices.

The network 250 may be implemented as a single network or a combinationof multiple networks. For example, in various embodiments, the network250 may include the Internet or one or more intranets, landlinenetworks, wireless networks, and/or other appropriate types of networks.Thus, the network 250 may correspond to small scale communicationnetworks, such as a private or local area network, or a larger scalenetwork, such as a wide area network or the Internet, accessible by thevarious components of system 200.

In addition, the secondary user device 236 can also include sensors 244that may be used for providing measured information about the user,device, location, environment, etc. The sensors can be used to detectlight (is device in a pocket, indoors, outside, etc.), biometric data(is user working out), location (user is in a meeting, call received),etc. Further, the sensors 244 can also be used to determine proximitybetween devices and location of interest as well as determine processorusage and/or signal strength, location, etc. which may be used tocharacterize the device for determining the interaction state of theprimary user device 224.

As indicated, the sensors on the primary user device 224 may be used inconjunction with the dynamic machine readable code for enabling theprocessing of a transaction. For example, in an instance where adiscrepancy or mismatch exists between the embedded information and theinformation captured or sensed, then a transaction cancellation or atleast notification may be pushed. The notification may be sent to theprimary user device 224 notifying the user of possible fraudulentactivity, and/or occur at a secondary user device 236 or merchant device202 with an indication of a failed transaction.

FIGS. 3-5 provide exemplary embodiments illustrating a communication andtransaction over a user device 104 using a dynamic machine readable code110. In particular, FIG. 3 illustrates the generation of the dynamicmachine readable code 110 and the resulting customization of the user UI308. As illustrated in FIG. 3, the generation of the dynamic machinereadable code 110 can occur at the middle tier layer 304. As understood,presentation, application, and data management often occurs in amulti-tier client-server architecture. Most often, a three-tierarchitecture is used. The three tiers commonly include a presentation(client) tier 302, a logic (middle) tier 304, and a data (back-end) tier306. The presentation or client tier 302, as the name indicates, isgenerally used for the presentation of information and is theapplication including the user interface. The primary task of thepresentation tier is to translate information received from other tiers304, 306 and present it in a manner that the user 108 can bestunderstand it. The data or back-end tier 306 is the tier where data maybe stored and retrieved, that will be used and presented by thepresentation tier 302. The back-end tier 306 can store or retrieve andprocess the data, which may be located locally and/or remotely indatabases, datastructures, servers, clouds, and other file systems.Midway between the client tier 302 and the back-end tier 306 is thelogic or middle tier 304. The middle tier 306 performs the datamanipulation stored and/or retrieved from the back-end tier forpresentation on the client tier 302. Data manipulation can includeperforming the logical processes including but not limited to thecoordination, processing, evaluation, and calculation of data.Therefore, generally speaking, the middle tier 304 can be responsiblefor the reading and writing of data. That is to say, the middle tier canread the data retrieved and deliver it to the presentation tier 302and/or can manipulate the data retrieved. Oftentimes, software solutionsknown as middleware may be used for such implementations on the middletier 304.

In one embodiment, the middle tier 304 is designed to manipulate userprofile information retrieved to generate a dynamic machine readablecode 110. The dynamic machine readable code 110 can be designed toinclude user details including but not limited to an amount for apurchase, user account information, and other user preferences thatwould allow for UI customization based on the information embeddedwithin the dynamic machine readable code 110.

For example, turning to user device 104, a customized dynamicallygenerated machine readable code 110 (e.g., QR code) is presented on theuser interface (UI) 308. As illustrated, the dynamically generatedmachine readable code 110 can be displayed on the UI 308 for use in atransaction. The dynamically generated machine readable code 110 can begenerated to include user account information, preferences and othercustomizable information relevant for the transaction and useful infraudulent activity detection. The user information may be embedded intothe dynamically generated machine readable code 110 via the middle tier306. Additionally, the middle tier 306 may also include othercustomizable information which can be displayed on the UI 308. As anexample, UI 308 illustrates the inclusion of the user name Mary andtransaction amount (e.g., $80) which can help confirm to the seller orother individual/entity that Mary should be the person performing thetransaction.

In one embodiment, once the dynamic machine readable code 110 has beenscanned, user information that was embedded into the dynamic machinereadable code 100 may be presented on a UI of the receiving party. Thisuser information can then be used for verification purposes. Forexample, user address, email, date of birth, photo, etc. can be includedwhich can be asked by the receiving party. Additionally oralternatively, once the dynamic machine readable code 110 is scanned,the user may be presented with a customized home page illustrating acustomized UI 308 most agreeable to the user 108. In FIG. 300 forexample, the service provider application (e.g., PayPal) may appearwhich includes Mary's photo, latest transactions, menu bar 312 and otherrelevant information to Mary. Illustrated here, is a menu bar 312 thatincludes not only send and request options, but also a cardless cashoption 312 that may have been added by the user 312 as a preferredtransacting option.

In another embodiment, once the dynamic machine readable code 110 hasbeen scanned, user information that was embedded into the dynamicmachine readable code 110 may trigger the use of a web browser that isagain customized to the user preferences. For example, in the case wherea personal device 102 is used, the user's payment provider home screenmay be presented. Like the UI 310, the website is customized to userpreference. In some instances, in addition to the layout and userselection options, the website can have larger or smaller font and amore involved/simplified layout if it is so determined based onpreference. In other instances, general knowledge about the user 108(e.g., age) can be used to present a website more suitable for the user108. For example, an elder man may like larger font, where a millennialmay prefer a different UI adapted to make transactions faster and moreefficient. The preferences may thus be embedded on the dynamic machinereadable code 110, which can dynamically prompt the customized uniformresource locator (URL) to display on the personal device 102.

Turning to FIG. 4, the use of the dynamic machine readable code 110 andother features for transacting and fraudulent activity detection isillustrated. As previously indicated, the middle tier 304 can be used togenerate a dynamic machine readable code 110 and in some instancestransmit additional user information to the presentation tier 302. InFIG. 4, again user device 104 is illustrated which includes a UI 402 awith the dynamic machine readable code 110 along with basic userinformation which can be used for fraud detection.

In one embodiment, further to the user information and preferences thatmay be embedded in the dynamic machine readable code 110, additionalphone features may be used for the detection of fraudulent activity. Forexample, as illustrated on UI 402 b may have additional customizationfeatures that the user 108 is aware of. For example, the user may have ascreen saver with a light hue in the background which can be read duringthe transaction and used for user verification and authorization.Additionally, a change in user font size, style 404, and insertion ofadditional characters can be detected.

In another embodiment, in addition to the dynamic machine readable code110 known user device 104 properties may be used for transacting andauthenticating. For example, during a transaction, it can be recognizedthat a user 108 has a certain phone type and brand. The phone type andbrand can thus be used and compared against user informationtransmitted. To illustrate, consider a user 108 making a purchase at adepartment store. The user 108 can present the UI 402 b for payment. Atthe department store the point of sale system can scan not only thedynamic machine readable code 110, but further capture features aboutthe phone. Features can include the resolution, font, style, picturesand other information which can be used to verify the user's identity.In some embodiments, the user's phone information can also be embeddedinto the dynamic machine readable code 110 such that once scanned, thedetails embedded should match the user device 104 used.

In yet another embodiment, the dynamic machine readable code 110 isembedded in a recognizable object. As an illustration, UI 402 cillustrates the use of a guitar which can include the user profileinformation, transaction amount, phone type, and other usefulinformation that can help with user verification and authentication. Forexample, embedded, by the middle tier 304, into the figure can includeuser information which may be used to ask and confirmed user identity.The figure can be generated dynamically as does the dynamic machinereadable code based on a predefined set of objects selected by the user.Alternatively, the object displayed may be a single predefined objectwhich is recognized by the user to be the dynamic machine readable codefor use in transacting. In addition, further to the use of the object,user device 104 properties can be scanned, recognized and used in thetransaction. As indicated, user device 104 properties can includeresolution, background, device type, text located near or around thedynamic machine readable code 110, etc.

Note that although the various embodiments are presented on a userdevice 104, a personal device 102, other smart device, a picture, orprintout 106 may be used for transacting. The middle tier 304 can stillgenerate the dynamic machine readable code 110 and use the embeddedinformation and surrounding properties for fraudulent activityprevention.

Turning to FIG. 5, an extension to the use of the dynamic machinereadable code 110 is presented. In particular, FIG. 5 illustratesanother communication with a user device 104 for using a dynamic machinereadable code 110 for fraudulent activity detection. As illustrated inblock diagram 500, user 108 is in the process of transacting at anentity 502. The entity 502 can be a department store, coffee shop,grocery store, retail shop, or the like. For exemplary purposes, theentity 502 is a retail shop.

The user is in the vicinity of the retail shop 502 and geographicallylocated within a geofence 506. The geofence 506 can be designated basedon a signal capture from a cellular basestation 504, a beacon at theretail shop, or via short range signal communications capture byBluetooth, NFC, Wi-Fi, and the like. Thus, a user geographical locationcan be identified and used in conjunction with the dynamic machinereadable code to enable correct user identification. Therefore, if theuser 108 presents the dynamic machine readable code 110 (even if it is aphoto), location information may be used to determine correct identity.In some instances, a user device 104 in conjunction with a secondarysmart device may be used for detection. For example, the user device 104maybe associated with a smart watch (not shown) and if the location ofboth devices does not match flags, warnings, messages, pushnotifications, etc. can be sent to the user regarding possiblefraudulent activity. Additionally or alternatively, the dynamic machinereadable code 110 can embedded additional details which can trigger theretail shop 502 to request additional authentication information.

Note that further to user 104 or user device 104 location information,Wi-Fi connections, other properties and characteristics, such aslighting, speed of movement, presence of others within the users contactlist or social network can be used for fraudulent activity detection. Asan example, sensors located on the user device 104 can be used to locateif the user is outside for example base on lighting, is moving, and/oris near other friends whose social conversations and/or postingsindicate a gathering. Additionally, a user device 104 microphone andcamera can also be used to ensure correct user detection viavoice/facial recognition. For authentication purposes, the dynamicmachine readable code 110 can include embedded details that relate tosuch activity.

FIG. 6 illustrates an example process 600 for generating a dynamicmachine readable code 110 by a system, as described by the blockdiagrams of FIGS. 2-5. In particular, FIG. 6 includes a flow diagramillustrating operations for transacting generating and transacting usingthe dynamic machine readable code 110. According to some embodiments,process 600 may include one or more of operations 602-622, which may beimplemented, at least in part, in the form of executable code stored ona non-transitory, tangible, machine readable media that, when run on oneor more hardware processors, may cause a system to perform one or moreof the operations 602-622.

Process 600 begins with operation 602, where a user interested in makinga transaction using a machine readable code indicates such desire. Therequest to use a machine readable code may occur on a financial entityapplication where a selection is made to generate such code. As such, atoperation 602, a user device, personal computer, or other such devicemay determine that a request has been made for the generation of thedynamic machine readable code.

Once the request has been received, at operation 604, a communicationbetween the user device and one or more other entities/sources (serviceprovider, server, financial institution, database or file system)occurs. Such communication includes at least an exchange of informationidentifying the user and the retrieval of user information from the atleast one source. As indicated above and in conjunction with FIGS. 2-4,user information which can be retrieved can include account information,profile information, user preferences, user demographics, and otherrelevant details which can aid in the identification of the user. Atoperation 606, the details retrieved can be categorized, analyzed,and/or manipulated to determine, what information is needed for thetransaction and will be embedded in the dynamic machine readable code.In some instances, process 600 can include operation 606 before 604where type and what relevant information is useful for this transactionand then retrieving that specific information.

At operation 608, a determination is made as to whether additionalexternal information is needed and should be included in the dynamicmachine readable code. For example, as indicated above and inconjunction with FIGS. 4 and 5, user device details, networkconnectivity, user device geographical location, sensed data, and thelike may be used for fraudulent activity detection. Therefore, atoperation 608, a determination is made as to whether at least some ofthe external details should be included and retrieved at operation 610before continuing to operation 612. At operation 612, the generation ofthe dynamic machine readable code occurs. At this stage in the process,the user information and/or the external information retrieved isembedded into the dynamic machine readable code and generated by themiddle tier layer for use in transacting.

Once the dynamic machine readable code has been generated it may bephotographed, copied, printed, or simply scanned from the device. Theuse and scan of the dynamic machine readable code is detected atoperation 614. Upon scanning the dynamic machine readable code, acustomized user interface may be presented to the user and/or the entitywhere the transaction is occurring. For example, scanning the code canlead to a customized website that may be presented to the user onhis/her device tailored to include user preferences. As another example,scanning the code can present the receiving entity with user details(e.g., photo, address, birthday, account information, etc.) which can beused for verification.

At operation 618, the information is checked against what was retrievedfrom the scan. If a failed match exists, then process 600 continues tooperation 620 where a notification may be sent to the user indicatingthe possibility of fraudulent activity and possible cancellation of thetransaction. Alternatively, if not failed match exists, then process 600continues to operation 622 where the transaction is completed.

As an illustration, process 600 can include receiving, over a firstwireless network connection, a request from a user device to generate adynamic machine readable code; retrieving, from a first source, userinformation associated with the user of the user device; analyze theuser information to determine a first user information to include on thedynamic machine readable code; detecting, a capture of the dynamicmachine readable code; and in response to the detecting, presenting acustomized user interface based on the first user information embeddedon the dynamic machine readable code. The user information can beembedded onto the dynamic machine readable code using a middle tierusing at least middleware and the user information includes at least aphoto, email, data birth, account information, etc.

In some instances, in response to receiving a request to retrieve adynamic machine readable code, additional device information associatedwith the user of the user device may also be retrieved and used inand/or captured during the scan of the dynamic machine readable code. Insome instances, where the dynamic machine readable code and additionaldevice information retrieved do not match, a determination may be madethat fraudulent activity may exist. This can be determined through thecomputation of a correlation, probability, or a threshold statistic thatis not met or achieved. As indicated, in this instance, a notificationand/or transaction cancellation may occur.

FIG. 7 illustrates an example computer system 700 in block diagramformat suitable for implementing on one or more devices of the system inFIGS. 1-6. In various implementations, a device that includes computersystem 700 may comprise a personal computing device (e.g., a smart ormobile device, a computing tablet, a personal computer, laptop, wearabledevice, PDA, etc.) that is capable of communicating with a network 726(e.g., network 250). A service provider and/or a content provider mayutilize a network computing device (e.g., a network server) capable ofcommunicating with the network. It should be appreciated that each ofthe devices utilized by users, service providers, and content providersmay be implemented as computer system 700 in a manner as follows.

Additionally, as more and more devices become communication capable,such as new smart devices using wireless communication to report, track,message, relay information and so forth, these devices may be part ofcomputer system 700. For example, windows, walls, and other objects maydouble as touch screen devices for users to interact with. Such devicesmay be incorporated with the systems discussed herein.

Computer system 700 may include a bus 710 or other communicationmechanisms for communicating information data, signals, and informationbetween various components of computer system 700. Components include aninput/output (I/O) component 704 that processes a user action, such asselecting keys from a keypad/keyboard, selecting one or more buttons,links, actuatable elements, etc., and sending a corresponding signal tobus 710. I/O component 804 may also include an output component, such asa display 702 and a cursor control 708 (such as a keyboard, keypad,mouse, touchscreen, etc.). In some examples, I/O component 704 otherdevices, such as another user device, a merchant server, an emailserver, application service provider, web server, a payment providerserver, an ATM server, and/or other servers via a network. In variousembodiments, such as for many cellular telephone and other mobile deviceembodiments, this transmission may be wireless, although othertransmission mediums and methods may also be suitable. A processor 718,which may be a micro-controller, digital signal processor (DSP), orother processing component, that processes these various signals, suchas for display on computer system 700 or transmission to other devicesover a network 726 via a communication link 724. Again, communicationlink 724 may be a wireless communication in some embodiments. Processor718 may also control transmission of information, such as cookies, IPaddresses, images, and/or the like to other devices.

Components of computer system 700 also include a system memory component714 (e.g., RAM), a static storage component 714 (e.g., ROM), and/or adisk drive 716. Computer system 700 performs specific operations byprocessor 718 and other components by executing one or more sequences ofinstructions contained in system memory component 712 (e.g., forengagement level determination). Logic may be encoded in a computerreadable medium, which may refer to any medium that participates inproviding instructions to processor 718 for execution. Such a medium maytake many forms, including but not limited to, non-volatile media,volatile media, and/or transmission media. In various implementations,non-volatile media includes optical or magnetic disks, volatile mediaincludes dynamic memory such as system memory component 712, andtransmission media includes coaxial cables, copper wire, and fiberoptics, including wires that comprise bus 710. In one embodiment, thelogic is encoded in a non-transitory machine-readable medium. In oneexample, transmission media may take the form of acoustic or lightwaves, such as those generated during radio wave, optical, and infrareddata communications.

Some common forms of computer readable media include, for example, harddisk, magnetic tape, any other magnetic medium, CD-ROM, any otheroptical medium, RAM, PROM, EPROM, FLASH-EPROM, any other memory chip orcartridge, or any other medium from which a computer is adapted to read.

Components of computer system 700 may also include a short rangecommunications interface 720. Short range communications interface 720,in various embodiments, may include transceiver circuitry, an antenna,and/or waveguide. Short range communications interface 720 may use oneor more short-range wireless communication technologies, protocols,and/or standards (e.g., WiFi, Bluetooth®, Bluetooth Low Energy (BLE),infrared, NFC, etc.).

Short range communications interface 720, in various embodiments, may beconfigured to detect other devices (e.g., device 104, ATM 106, etc.)with short range communications technology near computer system 700.Short range communications interface 720 may create a communication areafor detecting other devices with short range communication capabilities.When other devices with short range communications capabilities areplaced in the communication area of short range communications interface720, short range communications interface 720 may detect the otherdevices and exchange data with the other devices. Short rangecommunications interface 720 may receive identifier data packets fromthe other devices when in sufficiently close proximity. The identifierdata packets may include one or more identifiers, which may be operatingsystem registry entries, cookies associated with an application,identifiers associated with hardware of the other device, and/or variousother appropriate identifiers.

In some embodiments, short range communications interface 720 mayidentify a local area network using a short range communicationsprotocol, such as WiFi, and join the local area network. In someexamples, computer system 700 may discover and/or communicate with otherdevices that are a part of the local area network using short rangecommunications interface 720. In some embodiments, short rangecommunications interface 720 may further exchange data and informationwith the other devices that are communicatively coupled with short rangecommunications interface 720.

In various embodiments of the present disclosure, execution ofinstruction sequences to practice the present disclosure may beperformed by computer system 700. In various other embodiments of thepresent disclosure, a plurality of computer systems 700 coupled bycommunication link 724 to the network (e.g., such as a LAN, WLAN, PTSN,and/or various other wired or wireless networks, includingtelecommunications, mobile, and cellular phone networks) may performinstruction sequences to practice the present disclosure in coordinationwith one another. Modules described herein may be embodied in one ormore computer readable media or be in communication with one or moreprocessors to execute or process the techniques and algorithms describedherein.

A computer system may transmit and receive messages, data, informationand instructions, including one or more programs (i.e., applicationcode) through a communication link 724 and a communication interface.Received program code may be executed by a processor as received and/orstored in a disk drive component or some other non-volatile storagecomponent for execution.

Where applicable, various embodiments provided by the present disclosuremay be implemented using hardware, software, or combinations of hardwareand software. Also, where applicable, the various hardware componentsand/or software components set forth herein may be combined intocomposite components comprising software, hardware, and/or both withoutdeparting from the spirit of the present disclosure. Where applicable,the various hardware components and/or software components set forthherein may be separated into sub-components comprising software,hardware, or both without departing from the scope of the presentdisclosure. In addition, where applicable, it is contemplated thatsoftware components may be implemented as hardware components andvice-versa.

Software, in accordance with the present disclosure, such as programcode and/or data, may be stored on one or more computer readable media.It is also contemplated that software identified herein may beimplemented using one or more computers and/or computer systems,networked and/or otherwise. Where applicable, the ordering of varioussteps described herein may be changed, combined into composite steps,and/or separated into sub-steps to provide features described herein.

The foregoing disclosure is not intended to limit the present disclosureto the precise forms or particular fields of use disclosed. As such, itis contemplated that various alternate embodiments and/or modificationsto the present disclosure, whether explicitly described or impliedherein, are possible in light of the disclosure. For example, the aboveembodiments have focused on the user and user device, however, acustomer, a merchant, a service or payment provider may otherwisepresented with tailored information. Thus, “user” as used herein canalso include charities, individuals, and any other entity or personreceiving information. Having thus described embodiments of the presentdisclosure, persons of ordinary skill in the art will recognize thatchanges may be made in form and detail without departing from the scopeof the present disclosure. Thus, the present disclosure is limited onlyby the claims.

What is claimed is:
 1. A system, comprising a non-transitory memory; andone or more hardware processors coupled to the non-transitory memory andconfigured to read instructions from the non-transitory memory to causethe device to perform operations comprising: transmitting, over a firstwireless network connection, a request to retrieve a dynamic machinereadable code; receiving the dynamic machine readable code, wherein thereceived dynamic machine readable code includes embedded userinformation and wherein the embedded user information is added based onan analyzing of the user information associated with the request; andreceiving, a customized user interface in response to an image captureof the dynamic machine readable code.
 2. The system of claim 1, whereinthe request is generated based in part on a private key and tokenlocated in a user device associated with the transmitting request. 3.The system of claim 1, wherein the user information includes at least auser name and biometric information.
 4. The system of claim 1, whereinthe operations further comprise: receiving, a notification, wherein thenotification includes a request for user identification.
 5. The systemof claim 1, wherein the request includes device information including auser device type.
 6. The system of claim 1, wherein the operationsfurther comprise: in response to determining fraudulent activity,receiving a notification of the fraudulent activity, and wherein thedetermining includes identifying a device information received from therequest does not match a embedded information in the dynamic machinereadable code.
 7. The system of claim 1, wherein the user informationincludes at least one of a photo, an email, or account number.
 8. Amethod comprising: transmitting, over a first wireless networkconnection, a request to retrieve a dynamic machine readable code;receiving the dynamic machine readable code, wherein the receiveddynamic machine readable code includes embedded user information andwherein the embedded user information is added based on an analyzing ofthe user information associated with the request; and receiving, acustomized user interface in response to an image capture of the dynamicmachine readable code.
 9. The method of claim 8, wherein the userinformation is embedded on the dynamic machine readable code using amiddle tier application.
 10. The method of claim 9, wherein the requestis generated based in part on a private key and token located in a userdevice associated with the transmitting request.
 11. The method of claim8, wherein the user information includes at least a user name andbiometric information.
 12. The method of claim 8, further comprising:receiving, a notification, wherein the notification includes a requestfor user identification.
 13. The method of claim 8, wherein the requestincludes device information including a user device type.
 14. The methodof claim 8, further comprising: in response to determining fraudulentactivity, receiving a notification of the fraudulent activity, andwherein the determining includes identifying a device informationreceived from the request does not match a embedded information in thedynamic machine readable code.
 15. The method of claim 8, wherein theuser information includes at least one of a photo, an email, or accountnumber.
 16. A non-transitory machine readable medium having storedthereon machine readable instructions executable to cause a machine toperform operations comprising: transmitting, over a first wirelessnetwork connection, a request to retrieve a dynamic machine readablecode; receiving the dynamic machine readable code, wherein the receiveddynamic machine readable code includes embedded user information andwherein the embedded user information is added based on an analyzing ofthe user information associated with the request; and receiving, acustomized user interface in response to an image capture of the dynamicmachine readable code.
 17. The non-transitory machine readable medium ofclaim 16, wherein the user information is embedded on the dynamicmachine readable code using a middle tier application.
 18. Thenon-transitory machine readable medium of claim 16, wherein the requestis generated based in part on a private key and token located in a userdevice associated with the transmitting request.
 19. The non-transitorymachine readable medium of claim 16, further comprising: receiving, anotification, wherein the notification includes a request for useridentification.
 20. The non-transitory machine readable medium of claim16, wherein the request includes device information including a userdevice type.